<?php
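ob_start();
session_start();
include 'operations/connection.php';
include 'generallibraries/funcs.php';

// Authentication gate for the whole script: everything below writes to the
// database on behalf of the logged-in employee.
if (empty($_SESSION['user']))
{
	header('Location: login.php');
	// header() only queues the redirect. Without this exit the INSERT/UPDATE/
	// DELETE statements further down would still run for a request that has no
	// session.
	exit;
}

$username = $_SESSION['user'];
// Employee id recorded as the owner (IDEmployee) of every document created below.
$id_employee = $_SESSION['IDEmployee'];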

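// ---------------------------------------------------------------------------
// Save / update / delete handler for the approval-document forms.
//
// Every request value used here ends up inside a hand-built SQL string, so it
// is escaped once, up front, before any statement is assembled.
//
// NOTE(review): the mysql_* extension has no bound parameters and is removed in
// PHP 7; moving to mysqli or PDO prepared statements is the durable fix.
// mysql_real_escape_string() depends on the connection charset being declared
// to the client library - presumably done in operations/connection.php,
// TODO confirm.
// ---------------------------------------------------------------------------
if (!function_exists('approvedoc_sql_escape')) {
	/**
	 * Escape a value for use inside a single-quoted SQL string literal.
	 *
	 * Arrays (the repeated line-item fields) are escaped element by element.
	 * null is passed through unchanged so count() and the null checks on
	 * fields that were not submitted behave as they did before.
	 */
	function approvedoc_sql_escape($value)
	{
		if ($value === null) {
			return null;
		}
		if (is_array($value)) {
			return array_map('approvedoc_sql_escape', $value);
		}
		return mysql_real_escape_string((string) $value);
	}

	/** Return $_REQUEST[$key] escaped for SQL, or null when the field is absent. */
	function approvedoc_request_sql($key)
	{
		return isset($_REQUEST[$key]) ? approvedoc_sql_escape($_REQUEST[$key]) : null;
	}

	/** Current time in milliseconds with the fractional part dropped; used as a row id. */
	function approvedoc_ms_id()
	{
		$parts = explode('.', (string) (microtime(true) * 1000));
		return $parts[0];
	}

	/**
	 * Make sure a customer row exists for the given (already escaped) company
	 * name and that its Activest flag is 1; a missing customer is inserted with
	 * a "KHTT" + millisecond id.
	 */
	function approvedoc_activate_customer($companySql)
	{
		$where = " where ac_customer.CustomerName='" . $companySql . "'";
		// listCustomer() lives in generallibraries/funcs.php; its result is run
		// as a query, so it is assumed to return a SELECT with $where appended
		// - TODO confirm.
		$rs = mysql_query(generalFunctions::listCustomer("ac_customer.CustomerName,ac_customer.Activest", $where));
		if (mysql_num_rows($rs) > 0) {
			$row = mysql_fetch_array($rs);
			if ($row['Activest'] == 0) {
				mysql_query("update ac_customer set ac_customer.Activest=1 where ac_customer.CustomerName='" . $companySql . "'");
			}
		} else {
			$customerId = "KHTT" . approvedoc_ms_id();
			mysql_query("insert into ac_customer (CustomerID,CustomerName,CreatedDate,Activest) values ('" . $customerId . "','" . $companySql . "',date(now()),1)");
		}
	}

	/**
	 * Insert one buying_document row per non-empty product line and return the
	 * sum of the line totals. All arguments must already be SQL-escaped.
	 */
	function approvedoc_insert_buying_items($documentIdSql, $companySql, $items, $quantities, $prices, $vats, $totals)
	{
		$sum = 0;
		for ($i = 0; $i < count($prices); $i++) {
			if ($items[$i] != null && $items[$i] != "") {
				// Totals arrive with thousands separators ("1,200"); strip them
				// before summing and storing.
				$total = str_replace(",", "", $totals[$i]);
				$sum += $total;
				// NOTE(review): two rows inserted within the same millisecond get
				// the same id - confirm buying_document.id tolerates that.
				$rowId = approvedoc_ms_id();
				$sql = "INSERT INTO buying_document (id,document_id,name,company,amount,price,vat,total)
					VALUES('$rowId','$documentIdSql','{$items[$i]}','$companySql','{$quantities[$i]}','{$prices[$i]}','{$vats[$i]}','$total')";
				mysql_query($sql);
			}
		}
		return $sum;
	}

	/**
	 * Insert one ap_advance row per non-null item and return the sum of the
	 * amounts. All arguments must already be SQL-escaped.
	 */
	function approvedoc_insert_advance_items($documentIdSql, $items, $contents, $amounts, $notes)
	{
		$sum = 0;
		for ($i = 0; $i < count($items); $i++) {
			if ($items[$i] != null) {
				$amount = str_replace(",", "", $amounts[$i]);
				$sum += $amount;
				$sql = "INSERT INTO ap_advance(items,content,money,notes,document_id)
					values('{$items[$i]}','{$contents[$i]}','$amount','{$notes[$i]}','$documentIdSql')";
				mysql_query($sql);
			}
		}
		return $sum;
	}
}

// Id for a document created by this request (also read by the redirect at the
// end of the script).
$idapprovedoc = approvedoc_ms_id();

// Raw control values: used only for branching (and $type for the final
// redirect). They are never interpolated into SQL; the *Sql / escaped copies
// below are.
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$isSaveOrSend = isset($_REQUEST['Save']) || isset($_REQUEST['Send']);
$isDelete = isset($_REQUEST['Delete']);
// Passed to date() in case 16; only date()'s fixed 'Y-m-d' output reaches SQL.
$thisWeek = isset($_REQUEST['thisweek']) ? $_REQUEST['thisweek'] : null;
$tripDate = date("Y-m-d");

// From here on every variable holds a value that is already escaped for a
// single-quoted SQL literal. Do not echo them into HTML or URLs.
$typeSql = approvedoc_sql_escape($type);
$docId = approvedoc_request_sql('id');
$employeeSql = approvedoc_sql_escape($id_employee);

// n222 / n223 additionally have single quotes stripped, as before.
$n222 = approvedoc_sql_escape(str_replace("'", "", isset($_REQUEST['n222']) ? $_REQUEST['n222'] : ''));
$content1 = $n222;
$content2 = approvedoc_sql_escape(str_replace("'", "", isset($_REQUEST['n223']) ? $_REQUEST['n223'] : ''));
$title = approvedoc_request_sql('title');
$description = approvedoc_request_sql('description');

$comment12 = approvedoc_request_sql('comment');
$location12 = approvedoc_request_sql('location');
$totaltime12 = approvedoc_request_sql('totaltime');
$employeeperfo12 = approvedoc_request_sql('employeeper');
$tripdate12 = approvedoc_request_sql('date1');

$purpose13 = approvedoc_request_sql('purpose');
$project13 = approvedoc_request_sql('project');
$companyname13 = approvedoc_request_sql('companyname');
$content13 = approvedoc_request_sql('content1');
// Repeated line-item fields: each of these is expected to be an array with one
// entry per product row.
$productitem13 = approvedoc_request_sql('productitem');
$quantity13 = approvedoc_request_sql('quantity');
$price13 = approvedoc_request_sql('price');
$pricevat13 = approvedoc_request_sql('pricevat');
$totalamount13 = approvedoc_request_sql('totalamount');

$paymentadvance17 = approvedoc_request_sql('paymentadvance');
$item17 = approvedoc_request_sql('item');
$contentitem17 = approvedoc_request_sql('contentitem');
$currency17 = approvedoc_request_sql('currency');
$remark17 = approvedoc_request_sql('remark');

// NOTE(review): every UPDATE/DELETE below selects its row by the request's
// `id` alone; nothing in this file ties that row to the logged-in employee.
// Confirm ownership is enforced elsewhere, otherwise add
// "AND IDEmployee = '$employeeSql'" to those WHERE clauses.
// NOTE(review): $_REQUEST by default also carries GET parameters, so these
// writes are not limited to form POSTs - confirm CSRF protection upstream.
switch ($type) {
	case 7:
		if ($isSaveOrSend) {
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc)
					VALUES('$idapprovedoc','$title','$n222','$employeeSql',NOW(),4,'$typeSql')";
				mysql_query($sql);
			} else if ($action === 'editform' || $action === 'my_declined') {
				$sql = "update approvedoc set Tile='$title' ,Content='$n222' ,Timecreate=NOW()  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 11:
		if ($isSaveOrSend) {
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,TripDate)
					VALUES('$idapprovedoc','$title','$n222','$employeeSql',NOW(),4,'$typeSql','$tripdate12')";
				mysql_query($sql);
			} else if ($action === 'editform' || $action === 'my_declined') {
				$sql = "update approvedoc set TripDate='$tripdate12',Tile='$title' ,Content='$n222' ,Timecreate=NOW()  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			// Only "editform" deletes for this type; "my_declined" is a no-op here.
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 12:
		if ($isSaveOrSend) {
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,
					comment,Description,Location,TripDate,TotalTime,EmployeePerforment)
					VALUES('$idapprovedoc','$title','$n222','$employeeSql',NOW(),4,'$typeSql','$comment12','$description','$location12',
					'$tripdate12','$totaltime12','$employeeperfo12')";
				mysql_query($sql);
			} else if ($action === 'editform' || $action === 'my_declined') {
				$sql = "update approvedoc set comment='$comment12',Description='$description',Location='$location12',TripDate='$tripdate12',TotalTime='$totaltime12',EmployeePerforment='$employeeperfo12',Tile='$title' ,Content='$n222' ,Timecreate=NOW()  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 13:
		if ($isSaveOrSend) {
			approvedoc_activate_customer($companyname13);
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,comment,
					Description,purpose,TripDate,Content2)
					VALUES('$idapprovedoc','$title','$content13','$employeeSql',NOW(),4,'$typeSql','$comment12','$description','$purpose13','$tripdate12','$project13')";
				mysql_query($sql);
				$summoney = approvedoc_insert_buying_items($idapprovedoc, $companyname13, $productitem13, $quantity13, $price13, $pricevat13, $totalamount13);
				// $summoney is the result of numeric addition, never request text,
				// which is why it can stay unquoted.
				mysql_query("update approvedoc set SumMoney=" . $summoney . " where IDApproveDoc='$idapprovedoc'");
			} else if ($action === 'editform' || $action === 'my_declined') {
				// Line items are replaced wholesale: drop the old rows, insert the submitted ones.
				mysql_query("delete from buying_document where document_id='$docId'");
				$summoney = approvedoc_insert_buying_items($docId, $companyname13, $productitem13, $quantity13, $price13, $pricevat13, $totalamount13);
				$sql = "update approvedoc set Tile='$title',Content='$content13',TripDate='$tripdate12',purpose='$purpose13',Content2='$project13',Description='$description' ,comment='$comment12',Timecreate=NOW(),SumMoney=" . $summoney . "  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("delete from buying_document where document_id='$docId'");
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 14:
		if ($isSaveOrSend) {
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,Description,TripDate)
					VALUES('$idapprovedoc','$title','$n222','$employeeSql',NOW(),4,'$typeSql','$description','$tripDate')";
				mysql_query($sql);
			} else if ($action === 'editform' || $action === 'my_declined') {
				$sql = "update approvedoc set Tile='$title' ,Content='$n222' ,Timecreate=NOW() ,Description='$description' ,TripDate=NOW()  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 15:
		if ($isSaveOrSend) {
			approvedoc_activate_customer($companyname13);
			if ($action === 'newform') {
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,EmployeePerforment,Location,TripDate,TotalTime,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,Description,comment)
					Values ('$idapprovedoc','$title','$employeeperfo12','$location12','$tripdate12','$totaltime12','$n222','$employeeSql',NOW(),4,'$typeSql','$description','$comment12')";
				mysql_query($sql);
				$summoney = approvedoc_insert_buying_items($idapprovedoc, $companyname13, $productitem13, $quantity13, $price13, $pricevat13, $totalamount13);
				mysql_query("update approvedoc set SumMoney=" . $summoney . " where IDApproveDoc='$idapprovedoc'");
			} else if ($action === 'editform' || $action === 'my_declined') {
				mysql_query("delete from buying_document where document_id='$docId'");
				$summoney = approvedoc_insert_buying_items($docId, $companyname13, $productitem13, $quantity13, $price13, $pricevat13, $totalamount13);
				$sql = "update approvedoc set Tile='$title',Content='$n222',TripDate='$tripdate12',EmployeePerforment='$employeeperfo12',Location='$location12',Description='$description' ,comment='$comment12',Timecreate=NOW(),TotalTime='$totaltime12', SumMoney=" . $summoney . "  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("delete from buying_document where document_id='$docId'");
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 16:
		// `thisweek` is treated as a Unix timestamp and stored as a calendar date.
		$thisWeek = date('Y-m-d', $thisWeek);
		if ($isSaveOrSend) {
			if ($action === 'editform') {
				$sql = "UPDATE approvedoc	set Tile='$title',Content='$content1',IDEmployee='$employeeSql',Timecreate=NOW(),IDStatus=4,IDTypeDoc='$typeSql',Description='$description',TripDate='$thisWeek',Content2='$content2' WHERE IDApproveDoc = '$docId'";
				mysql_query($sql);
			} else {
				// Any action other than "editform" (including none) creates a new document.
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,Content,IDEmployee,Timecreate,IDStatus,IDTypeDoc,Description,TripDate,Content2)
					VALUES('$idapprovedoc','$title','$content1','$employeeSql',NOW(),4,'$typeSql','$description','$thisWeek','$content2')";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	case 17:
		if ($isSaveOrSend) {
			if ($action === 'newform') {
				// The advance payment amount is stored in the TotalTime column for this type.
				$sql = "INSERT INTO approvedoc(IDApproveDoc,Tile,IDEmployee,Timecreate,IDStatus,IDTypeDoc,Location,TripDate,TotalTime,EmployeePerforment)
					VALUES('$idapprovedoc','$title','$employeeSql',NOW(),4,'$typeSql','$location12','$tripDate','$paymentadvance17','$employeeperfo12')";
				mysql_query($sql);
				$summoney = approvedoc_insert_advance_items($idapprovedoc, $item17, $contentitem17, $currency17, $remark17);
				mysql_query("update approvedoc set SumMoney=" . $summoney . " where IDApproveDoc='$idapprovedoc'");
			} else if ($action === 'editform' || $action === 'my_declined') {
				mysql_query("delete from ap_advance where document_id='$docId'");
				$summoney = approvedoc_insert_advance_items($docId, $item17, $contentitem17, $currency17, $remark17);
				$sql = "update approvedoc set Location='$location12',TotalTime='$paymentadvance17',EmployeePerforment='$employeeperfo12',Tile='$title' ,Timecreate=NOW(),SumMoney=" . $summoney . "  where IDApproveDoc='$docId'";
				mysql_query($sql);
			}
		} else if ($isDelete) {
			if ($action === 'editform') {
				mysql_query("DELETE FROM approvedoc WHERE IDApproveDoc = '$docId'");
				mysql_query("delete from ap_advance where document_id='$docId'");
			} else if ($action === 'my_declined') {
				mysql_query("UPDATE approvedoc set IDStatus = 6 WHERE IDApproveDoc = '$docId'");
			}
		}
		break;

	default:
		break;
}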

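mysql_close($connection);

// Choose the landing page for the button that was pressed. The checks run in
// the same order as before and a later match overrides an earlier one, which
// is what repeated header('Location: ...') calls did.
$requestedAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$redirect = null;

if (isset($_REQUEST['Save'])) {
	$redirect = "mydocument.php?content=list-mydocument-saved-content";
}
if (isset($_REQUEST['Delete'])) {
	if ($requestedAction == "editform") {
		$redirect = "mydocument.php?content=list-mydocument-saved-content";
	} else if ($requestedAction == "my_declined") {
		$redirect = "mydocument.php?content=list-mydocument-declined-content";
	}
}
if (isset($_REQUEST['Send'])) {
	// A new form is forwarded under the id generated for it earlier in the
	// script; anything else is forwarded under the id the request named.
	if ($requestedAction == 'newform') {
		$targetDoc = $idapprovedoc;
	} else {
		$targetDoc = isset($_REQUEST['id']) ? $_REQUEST['id'] : '';
	}
	// Both values originate from the request, so they are URL-encoded to keep
	// them from adding or overriding query parameters on approve.php.
	$redirect = "approve.php?idapprovedoc=" . urlencode((string) $targetDoc) . "&type=" . urlencode((string) $type);
}

if ($redirect !== null) {
	header("Location: " . $redirect);
}

ob_flush();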

?>